From e85765bffc0c7e1addbd7e4c85ebdd02ca4a0b05 Mon Sep 17 00:00:00 2001
From: Josh Dover <me@joshdover.com>
Date: Tue, 15 Sep 2020 12:18:47 -0600
Subject: [PATCH] [7.x] Do not call feature usage APIs on anonymous paths
 (#77411) (#77510)

---
 .../public/services/feature_usage_service.test.ts | 15 +++++++++++++++
 .../public/services/feature_usage_service.ts      |  8 ++++++++
 2 files changed, 23 insertions(+)

diff --git a/x-pack/plugins/licensing/public/services/feature_usage_service.test.ts b/x-pack/plugins/licensing/public/services/feature_usage_service.test.ts
index eba2d1e67b509..faefb1501376d 100644
--- a/x-pack/plugins/licensing/public/services/feature_usage_service.test.ts
+++ b/x-pack/plugins/licensing/public/services/feature_usage_service.test.ts
@@ -29,6 +29,13 @@ describe('FeatureUsageService', () => {
           }),
         });
       });
+
+      it('does not call endpoint if on anonymous path', async () => {
+        http.anonymousPaths.isAnonymous.mockReturnValue(true);
+        const setup = service.setup({ http });
+        await setup.register('my-feature', 'platinum');
+        expect(http.post).not.toHaveBeenCalled();
+      });
     });
   });
 
@@ -64,6 +71,14 @@ describe('FeatureUsageService', () => {
           }),
         });
       });
+
+      it('does not call endpoint if on anonymous path', async () => {
+        http.anonymousPaths.isAnonymous.mockReturnValue(true);
+        service.setup({ http });
+        const start = service.start({ http });
+        await start.notifyUsage('my-feature', 42);
+        expect(http.post).not.toHaveBeenCalled();
+      });
     });
   });
 });
diff --git a/x-pack/plugins/licensing/public/services/feature_usage_service.ts b/x-pack/plugins/licensing/public/services/feature_usage_service.ts
index 588d22eeb818d..c076bff58359f 100644
--- a/x-pack/plugins/licensing/public/services/feature_usage_service.ts
+++ b/x-pack/plugins/licensing/public/services/feature_usage_service.ts
@@ -42,6 +42,11 @@ export class FeatureUsageService {
   public setup({ http }: SetupDeps): FeatureUsageServiceSetup {
     return {
       register: async (featureName, licenseType) => {
+        // Skip registration if on logged-out page
+        // NOTE: this only works because the login page does a full-page refresh after logging in
+        // If this is ever changed, this code will need to buffer registrations and call them after the user logs in.
+        if (http.anonymousPaths.isAnonymous(window.location.pathname)) return;
+
         await http.post('/internal/licensing/feature_usage/register', {
           body: JSON.stringify({
             featureName,
@@ -55,6 +60,9 @@ export class FeatureUsageService {
   public start({ http }: StartDeps): FeatureUsageServiceStart {
     return {
       notifyUsage: async (featureName, usedAt = Date.now()) => {
+        // Skip notification if on logged-out page
+        if (http.anonymousPaths.isAnonymous(window.location.pathname)) return;
+
         const lastUsed = isDate(usedAt) ? usedAt.getTime() : usedAt;
         await http.post('/internal/licensing/feature_usage/notify', {
           body: JSON.stringify({